🚨 CISA KEV 1[−]
5 Jun KEVCISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability This type of vulnerability is a frequent attack vect…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 9[−]
5 JunCritical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCICisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025…THEHACKERNEWS.COM
5 JunCisco Alerts Users to Critical ISE Vulnerability Exposing Sensitive DataCisco has issued a critical security advisory (Advisory ID: cisco-sa-ise-aws-static-cred-FPMjUcm7) for its Identity Services Engine (ISE) when deployed on major cloud platforms—Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). The vulnerability, t…GBHACKERS.COM
5 JunCritical Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate Managed DevicesCisco has issued a high-severity security advisory (ID: cisco-sa-ndfc-shkv-snQJtjrp) regarding a critical SSH host key validation vulnerability in its Nexus Dashboard Fabric Controller (NDFC), tracked as CVE-2025-20163. The flaw, assigned a CVSS 3.1 base score of 8.7, could allow…GBHACKERS.COM
5 JunCisco IMC Vulnerability Allows Attackers to Gain Elevated PrivilegesCisco has issued a security advisory regarding a critical privilege escalation vulnerability (CVE-2025-20261) affecting its Integrated Management Controller (IMC) software used in UCS B-Series, C-Series, S-Series, and X-Series servers. The flaw, rated with a CVSS base score of 8.…GBHACKERS.COM
5 JunVMware NSX XSS Vulnerability Exposes Systems to Malicious Code InjectionBroadcom has issued a high-severity security advisory (VMSA-2025-0012) for VMware NSX, addressing three newly discovered stored Cross-Site Scripting (XSS) vulnerabilities: CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. These vulnerabilities impact the NSX Manager UI, gateway…GBHACKERS.COM
5 JunWireshark Vulnerability Allows Attackers to Launch DoS AttacksA critical security vulnerability, tracked as CVE-2025-5601, was disclosed on June 4, 2025, affecting Wireshark versions 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12. This flaw, identified as “Dissection engine crash” (wnpa-sec-2025-02), stems from a bug in the column utility m…GBHACKERS.COM
5 JunCritical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to FilesystemDell Technologies has issued a critical security advisory (DSA-2025-208) for its PowerScale OneFS operating system, addressing multiple vulnerabilities that could allow malicious actors to compromise affected systems. The most severe of these vulnerabilities, tracked as CVE-2024-…GBHACKERS.COM
5 JunHacker selling critical Roundcube webmail exploit as tech info disclosedHackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. [...]BLEEPINGCOMPUTER.COM
5 JunCVE-2025-47966 Power Automate Elevation of Privilege VulnerabilityExposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 40[−]
5 JunCyber Resilience in Zeiten geopolitischer UnsicherheitCyberbedrohungen existieren längst nicht mehr im luftleeren Raum – sie entstehen im Spannungsfeld von Geopolitik, regulatorischer Zersplitterung und einer stetig wachsenden digitalen Angriffsfläche. vectorfusionart – shutterstock.com Cybersecurity ist heute ein rechtliches, opera…CSOONLINE.COM
5 JunEurope leads the world in exposed solar power equipment, raising alarms on infrastructure security, report findssubmitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://www.forescout.com/blog/the-security-risks-of-internet-exposed-solar-power-systems cross-posted from: lemmy.sdf.org/post/36028716 Archived Security firm Forescout identified almost 35,000 solar power devices f…INFOSEC.PUB
5 JunEurope leads the world in exposed solar power equipment, raising alarms on infrastructure security, report findssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.forescout.com/blog/the-security-risks-of-internet-exposed-solar-power-systems cross-posted from: lemmy.sdf.org/post/36028716 Archived Security firm Forescout identified almost 35,000 solar power devices f…SH.ITJUST.WORKS
5 JunOutlook Users Targeted by New HTML-Based Phishing SchemeA recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages…GBHACKERS.COM
5 JunGet out of the audit committee: Why CISOs need dedicated board timeAdequate time with the board is in short supply for CISOs and this restricted engagement is leaving organizations unprepared to fully understand and manage enterprise risk. Time for the cybersecurity agenda is often limited to quarterly board committee sessions and annual full bo…CSOONLINE.COM
5 JunVulnerability-Lookup Discourse on Mastodon!submitted by cm0002 to cybersecurity 1 points | 0 comments https://lemmy.ml/post/31198652 You can now follow the Vulnerability-Lookup >Discourse topic on Mastodon: >@vulnerability-lookup@discourse.ossbase.org discourse.ossbase.org/c/…/6 #Mastodon #Discourse #ActivityPub #Vu…INFOSEC.PUB
5 JunViLE gang members sentenced for extortion, police portal breachTwo members of a group of cybercriminals named ViLE were sentenced this week for hacking into a federal law enforcement web portal in an extortion scheme. [...]BLEEPINGCOMPUTER.COM
5 JunUNC6040 APT Hackers Steals Salesforce data Without Exploit Any VulnerabilitiesThe financially motivated threat cluster UNC6040, tracked by Google Threat Intelligence Group (GTIG), has been orchestrating a series of voice phishing (vishing) campaigns specifically aimed at compromising Salesforce environments of multinational corporations. Unlike traditional…GBHACKERS.COM
5 JunFBI Aware of 900 Organizations Hit by Play RansomwarePlay ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities. The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunGoogle Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader Appsubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/06/google-exposes-vishing-group-unc6040.htmlSH.ITJUST.WORKS
5 JunMen Who Hacked Law Enforcement Database for Doxing Sentenced to PrisonSagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking. The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver MalwareResearchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check. The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunHackers Exploit New HTML Trick to Deceive Outlook Users into Clicking Malicious LinksCybersecurity researchers have encountered a cleverly crafted phishing email targeting Czech bank customers, employing a lesser-known but highly deceptive technique to bypass security mechanisms and trick users into clicking malicious links. At first glance, the email appears to …GBHACKERS.COM
5 JunHow Threat Actors Exploit Human Trust: A Breakdown of the 'Prove You Are Human' Malware Scheme - DomainTools Investigations | DTIsubmitted by kid to cybersecurity 1 points | 0 comments https://dti.domaintools.com/how-threat-actors-exploit-human-trust/SH.ITJUST.WORKS
5 JunRedefining Cyber Value: Why Business Impact Should Lead the Security ConversationSecurity teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but…THEHACKERNEWS.COM
5 JunSupply chain attack hits RubyGems to steal Telegram API dataAn ongoing supply chain attack is targeting the RubyGems ecosystem to publish malicious packages intended to steal sensitive Telegram data. Published by a threat actor using multiple accounts under aliases Bùi nam, buidanhnam, and si_mobile, the malicious gems (ruby packages) pos…CSOONLINE.COM
5 JunTA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted SystemsA recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed threat actor highly likely aligned with Indian intelligence interests. Identified as an espionage-focused group, TA397 …GBHACKERS.COM
5 JunPhone unlocking firm Cellebrite to acquire mobile testing startup Corellium for $170MCellebrite said the deal will help with the "accelerated identification of mobile vulnerabilities and exploits."TECHCRUNCH.COM
5 JunMicrosoft launches European Security Program to counter nation-state threatsMicrosoft has announced a comprehensive cybersecurity program that will provide free AI-powered defense tools to European governments facing increasing attacks from Russian, Chinese, Iranian, and North Korean state-sponsored hackers. The European Security Program, unveiled in Ber…CSOONLINE.COM
5 JunControversial Firms Cellebrite and Corellium Announce $200 Million Acquisition DealCellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions. The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunFBI Alert: Extortion Gang Targets Law Firms With Social Engineering AttacksThe FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.KNOWBE4.COM
5 JunCopyright-Themed Phishing Lures Target EuropeA phishing campaign is targeting European countries with lures themed around copyright infringement, researchers at Cybereason warn.KNOWBE4.COM
5 JunCISOs beware: genAI use is outpacing security controlsEmployees in every organization use an average of 6.6 high-risk generative AI applications – including some unknown to CISOs — says Palo Alto Networks in a new study. But, an expert says, that estimate is low. “I think it’s probably worse,” said Joseph Steinberg, a cybersecurity …CSOONLINE.COM
5 JunHacker erbeuten Salesforce-Daten mit VishingSalesforce-User in mehreren Branchen wurden Opfer einer gezielten Vishing-Attacke. JHVEPhoto – shutterstock.com Eine neue Welle von Cyberangriffen auf Salesforce-Kunden erfasst aktuell Unternehmen verschiedener Branchen, darunter Gastgewerbe, Einzelhandel und Bildungswesen. Die G…CSOONLINE.COM
5 JunExploiting Clickfix: AMOS macOS Stealer Evades Security to Deploy Malicious Codesubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/clickfix-amos-macos-stealer-evades-security/SH.ITJUST.WORKS
5 JunBackdoored Open Source Malware Repositories Target Novice CybercriminalsA threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters. The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunOdoo Employee Database Allegedly Exposed and Put Up for Sale on Dark WebA data breach has reportedly struck Odoo, a leading Belgian provider of open-source business management software. On June 5, 2025, a 63.4MB employee database—allegedly sourced through a “collaborative effort with a senior insider”—was advertised for sale on a dark web forum. The …GBHACKERS.COM
5 JunMembers of ViLE Hacker Group Arrested for Hacking DEA PortalTwo members of the cybercriminal group “ViLE” were sentenced this week in Brooklyn federal court for their roles in a high-profile hacking and extortion scheme targeting a U.S. federal law enforcement web portal. Sagar Steven Singh, known online as “Weep,” received a 27-month pri…GBHACKERS.COM
5 JunCommercial vs. open-source SIEM: pros and cons | Kaspersky official blogWhich SIEM your organization should choose, and what needs considering when evaluating the cost of implementing an open-source SIEM.KASPERSKY.COM
5 JunMore than a hundred backdoored malware repos traced to single GitHub usersubmitted by Pro to cybersecurity 3 points | 0 comments https://news.sophos.com/en-us/2025/06/04/the-strange-tale-of-ischhfd83-when-cybercriminals-eat-their-own/ A customer wanted to know if we had protections for ‘Sakura RAT,’ an open-source malware project hosted on GitHub, bec…INFOSEC.PUB
5 JunCISA Releases Seven Industrial Control Systems AdvisoriesCISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-155-01 CyberData 011209 SIP Emergency Intercom ICSA-25-155-02 Hitachi…CISA.GOV
5 JunTop US cyber officials face divergent paths after Senate confirmationSince the start of the Trump administration, the US federal government’s two top cybersecurity leadership positions have been vacant, but those roles are finally on the path to being filled. The first job is the director of the Cybersecurity and Infrastructure Security Agency (CI…CSOONLINE.COM
5 JunCyberRiskTV Live Coverage from Identiverse 2025 - Day 3CyberRisk Alliance's Security Weekly broadcasting live from the CyberRiskTV Studio on the show floor at Identiverse 2025 at Mandalay Bay in Las Vegas! Schedule (PT): 10:10am - Show Intro ft. Adrian Sanabria & Jackie McGuire 10:40am - Securing Digital Trust: How AI is Redefining O…YOUTUBE.COM
5 JunBeware of Fake Zoom Client Downloads Granting Attackers Access to Your ComputerIn the wake of the COVID-19 pandemic, collaborative tools like Microsoft Teams, Zoom, and WebEx have become indispensable for remote work, enabling seamless communication with colleagues and clients. However, their widespread adoption has also made them prime targets for cybercri…GBHACKERS.COM
5 JunEvidence of Zero-Click iPhones Exploitation Uncovered in the U.S.submitted by Pro to cybersecurity 1 points | 0 comments https://iverify.io/blog/iverify-uncovers-evidence-of-zero-click-mobile-exploitation-in-the-usINFOSEC.PUB
5 JunChina Accuses Taiwan of Operating APT Groups with US SupportChina has accused Taiwan’s Democratic Progressive Party (DPP) authorities of orchestrating a series of sophisticated cyber attacks through Advanced Persistent Threat (APT) groups. Referred to as “T-APTs,” these groups are allegedly supported by Taiwan’s Informat…GBHACKERS.COM
5 JunEDR Just Killed Your Scanner—Here's WhyWhen Adrian drops the hot take that EDR tools have quietly taken over vulnerability management, it’s not just industry chatter—it’s a paradigm shift. This short dives into why traditional vulnerability scanners may be on their last legs, how EDR tools are already doing the job be…YOUTUBE.COM
5 JunNew Chaos RAT Targets Linux and Windows Users to Steal Sensitive DataA new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first identified in 2022. As reported by Acronis TRU researchers in their recent 2025 analysis, this malware continues to evolve, …GBHACKERS.COM
5 JunCyberRiskTV Live Coverage from Identiverse 2025 - Day 3CyberRisk Alliance's Security Weekly broadcasting live from the CyberRiskTV Studio on the show floor at Identiverse 2025 at Mandalay Bay in Las Vegas! Schedule (PT): 10:10am - Show Intro ft. Adrian Sanabria & Jackie McGuire 10:40am - Securing Digital Trust: How AI is Redefining O…YOUTUBE.COM
5 JunUpdating & Protecting Linux Systems - PSW #877Two parts to this episode: * Tech Segment: Updating Linux Systems - Beyond apt-get upgrade ** Custom scripts for ensuring your Linux systems are up-to-date ** topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions * Discussion Topic: Anti-Ma…YOUTUBE.COM
📢 SECURITY ADVISORIES 5[−]
5 JunCISA Releases TTPs & IoCs for Play Ransomware That Hacked 900+ OrgsThe Cybersecurity and Infrastructure Security Agency (CISA), alongside the Federal Bureau of Investigation (FBI) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), has released detailed Tactics, Techniques, and Procedures (TTPs) and Indicators…GBHACKERS.COM
5 JunData hoarding can have financial and security consequencesEnd-of-life data management, be it deletion of what is no longer required, or data removal from hardware before it’s decommissioned, may not get the attention that data loss through breaches generates, but it’s equally critical — and equally dangerous, with almost half of enterpr…COMPUTERWORLD.COM
5 JunCybersecurity Showdown: Banks vs. HealthcarePresident Biden's latest national cybersecurity plan aims to close the growing gap between industries — but will it work? While the banking sector leads with advanced cybersecurity practices, the healthcare industry struggles to keep pace. With regulation seemingly out of favor, …YOUTUBE.COM
5 JunWhat She Revealed About Foreign Cyber Campaigns 👀Ilona Cohen reveals the hidden world of foreign cyber campaigns targeting the US government. Despite changing administrations, cybersecurity remains a rare nonpartisan issue — a silent battle fought behind the scenes. Discover how these invisible threats operate and why protectin…YOUTUBE.COM
🔥 INCIDENT REPORTING 15[−]
5 JunInterlock ransomware claims Kettering Health breach, leaks stolen dataThe Interlock ransomware gang has claimed a recent cyberattack on the Kettering Health healthcare network and leaked data allegedly stolen from breached systems. [...]BLEEPINGCOMPUTER.COM
5 JunHackerangriff auf deutschen Pappspezialist Wellteam126822068 Olivier Le Moal – shutterstock.com Laut einem Bericht der Regionalzeitung Westfalen-Blatt bemerkte die IT von Wellteam bereits am 23. Mai, dass Hacker in das System eingedrungen waren. Demnach führte der Angriff zu einem kompletten Betriebsausfall. „Maschinen blieben st…CSOONLINE.COM
5 JunRansomware Gang Leaks Alleged Kettering Health DataThe Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack. The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunLee Enterprises Says 40,000 Hit by Ransomware-Caused Data BreachLee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred. The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunThousands impacted by cyberattacks on governments in Ohio, Oklahoma, Puerto Rico | The Record from Recorded Future Newssubmitted by kid to cybersecurity 2 points | 0 comments https://therecord.media/thousands-impacted-by-cyberattacks-states-puerto-ricoSH.ITJUST.WORKS
5 JunGermany fines Vodafone $51 million for privacy, security breachesThe German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company's German subsidiary, €45 million ($51.4 million) for privacy and security violations. [...]BLEEPINGCOMPUTER.COM
5 Jun830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAsNetskope Threat Labs reported a staggering 3.32-fold increase in traffic to phishing pages hosted on the Glitch platform, a browser-based web development tool that allows users to create and deploy web apps with free subdomains. This alarming spike has impacted over 830 organizat…GBHACKERS.COM
5 JunKettering Health ransomware attack claimed by Interlock gang, 941GB stolen data | Cybernewssubmitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/news/kettering-health-claimed-interlock-ransomware-attack-941-gb-stolen-data/SH.ITJUST.WORKS
5 JunFBI: Play ransomware breached 900 victims, including critical orgssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/fbi-play-ransomware-breached-900-victims-including-critical-orgs/SH.ITJUST.WORKS
5 JunIran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal MalwareAn Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence to be a sub-cluster within …THEHACKERNEWS.COM
5 JunOutdoor-Shop Unterwegs von Cyberattacke betroffenDer Händler für Outdoor-Ausrüstung Unterwegs wurde gehackt. Dabei sind möglicherweise Kundendaten abgeflossen. ORIONF – shutterstock.com Der Unterwegs Outdoor Shop wurde nach eigenen Angaben Ende Mai Ziel einer Cyberattacke. Wie aus einem Rundschreiben an die Kunden hervorgeht, k…CSOONLINE.COM
5 JunUkraine claims it hacked Tupolev, Russia’s strategic warplane makersubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/ukraine-claims-it-hacked-tupolev-russias-strategic-warplane-maker/SH.ITJUST.WORKS
5 JunDesigning a Windows Service for SecurityDesigning a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and ransomware. [...]BLEEPINGCOMPUTER.COM
5 JunOld AT&T data leak repackaged to link SSNs, DOBs to 49M phone numbersA threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates to individual users. [...]BLEEPINGCOMPUTER.COM
5 JunHow to build a robust Windows service to block malware and ransomwareDesigning a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and ransomware. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 30[−]
5 JunISC Stormcast For Thursday, June 5th, 2025 https://isc.sans.edu/podcastdetail/9480, (Thu, Jun 5th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
5 JunCustom Active Directory Client-Side Extensions Enable Stealthy Corporate Backdoorssubmitted by cm0002 to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/active-directory-client-side-extensions/INFOSEC.PUB
5 JunVodafone Germany Fined $51 Million Over Privacy, Security FailuresGermany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties. The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunU.S. Authorities Shut Down Major Dark Web Marketplace with 117,000 UsersIn a blow to the cybercrime underworld, the U.S. Attorney’s Office for the Eastern District of Virginia announced the seizure of approximately 145 domains, spanning both darknet and traditional internet spaces, associated with the notorious BidenCash marketplace. This coordinated…GBHACKERS.COM
5 JunChina Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence LinksChina issued warrants for 20 Taiwanese people it said carried out hacking missions in the Chinese mainland on behalf of the island’s ruling party. The post China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links appeared first on Securit…SECURITYWEEK.COM
5 JunCarding Marketplace BidenCash Shut Down by AuthoritiesAuthorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information. The post Carding Marketplace BidenCash Shut Down by Authorities appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunBe Careful With Fake Zoom Client Downloadssubmitted by Pro to cybersecurity 1 points | 0 comments https://isc.sans.edu/diary/rss/32014INFOSEC.PUB
5 JunResearcher Found 6 Critical Vulnerabilities in NetMRI Allow Attackers Gain Complete Admin AccessIn a Rhino Security Labs, six critical vulnerabilities have been identified in Infoblox’s NetMRI network automation and configuration management solution, specifically version 7.5.4.104695 of the virtual appliance. These security flaws, ranging from unauthenticated command inject…GBHACKERS.COM
5 Jun35,000 Solar Power Systems Exposed to Internet - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/35000-solar-power-systems-exposed-to-internet/SH.ITJUST.WORKS
5 JunFBI warns of NFT airdrop scams targeting Hedera Hashgraph walletssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/fbi-warns-of-nft-airdrop-scams-targeting-hedera-hashgraph-wallets/SH.ITJUST.WORKS
5 JunHackers Leak 86 Million AT&T Records with Decrypted SSNssubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/hackers-leak-86m-att-records-with-decrypted-ssns/SH.ITJUST.WORKS
5 JunNew Report: Global Conflicts in the Digital Age - How Geopolitics Influence Cyber Operations - Silobreakersubmitted by kid to cybersecurity 1 points | 0 comments https://www.silobreaker.com/blog/geopolitical/new-report-how-geopolitics-influence-cyber-operations/SH.ITJUST.WORKS
5 JunCritical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructuresubmitted by kid to cybersecurity 1 points | 0 comments https://securityaffairs.com/178659/uncategorized/critical-flaw-in-cisco-ise-impacts-cloud-deployments-on-aws-microsoft-azure-and-oracle-cloud-infrastructure.htmlSH.ITJUST.WORKS
5 JunNewly identified wiper malware “PathWiper” targets critical infrastructure in Ukrainesubmitted by kid to cybersecurity 1 points | 0 comments https://blog.talosintelligence.com/pathwiper-targets-ukraine/SH.ITJUST.WORKS
5 JunNew Phishing Attack that Hides Malicious Link from Outlook Userssubmitted by kid to cybersecurity 2 points | 0 comments https://cybersecuritynews.com/phishing-attack-hides-malicious-link/SH.ITJUST.WORKS
5 JunThe strange tale of ischhfd83: When cybercriminals eat their ownsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://news.sophos.com/en-us/2025/06/04/the-strange-tale-of-ischhfd83-when-cybercriminals-eat-their-own/INFOSEC.PUB
5 JunVodafone Germany Fined $51 Million Over Privacy, Security Failures - SecurityWeeksubmitted by kid to cybersecurity 2 points | 0 comments https://www.securityweek.com/vodafone-germany-fined-51-million-over-privacy-security-failures/SH.ITJUST.WORKS
5 JunGenAI's Impact — Surging Adoption and Rising Risks in 2025Explore how GenAI is reshaping enterprise operations and how to mitigate rising risks. The post GenAI's Impact — Surging Adoption and Rising Risks in 2025 appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
5 JunResearchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope ExpandsThe threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive…THEHACKERNEWS.COM
5 JunMore than a hundred backdoored malware repos traced to single GitHub usersubmitted by Pro to cybersecurity 1 points | 0 comments https://news.sophos.com/en-us/2025/06/04/the-strange-tale-of-ischhfd83-when-cybercriminals-eat-their-own/SH.ITJUST.WORKS
5 JunMeet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. The post Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3 appeared first on Microsoft Security Blog .MICROSOFT.COM
5 JunWordPress Admins Cautioned About Fake Cache Plugin Stealing Admin CredentialsA newly identified malicious plugin, dubbed “wp-runtime-cache,” has been discovered targeting WordPress sites with a sophisticated method to steal admin credentials. Disguised as a caching plugin, this malware lurks in the wp-content/plugins directory, evading detecti…GBHACKERS.COM
5 JunIs Bitcoin Really Decentralized? Cybersecurity Experts Explode the Myth 😳Two seasoned cybersecurity experts dive into one of the most heated debates in the blockchain world — is Bitcoin truly decentralized? 💥 Sam Bowne defends its structure, while Joshua Marpet calls out the flaws, pointing fingers at miners and exchanges. This fiery exchange challeng…YOUTUBE.COM
5 JunConnect with us at the Gartner Security & Risk Management SummitMicrosoft will spotlight its AI-first, end-to-end security platform at the Gartner Security & Risk Management Summit. Read our blog post for details on how to connect with us there and a teaser of what to expect from our sessions. The post Connect with us at the Gartner …TECHCOMMUNITY.MICROSOFT.COM
5 JunViperSoftX Malware Enhances Modularity, Stealth, and Persistence TechniquesThe cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and threat-hunting communities, marking a significant evolution of the notorious ViperSoftX stealer. This updated variant, building on its 2024 predecesso…GBHACKERS.COM
5 JunThe Nightmare of Maintaining Frankenstein Code 😬 #programmingMaintaining inherited code isn’t just frustrating—it can be a full-blown cybersecurity nightmare. In this short, Paul breaks down the Ivanti situation, where enterprise software built on layers of past acquisitions has turned into a maintenance mess. Cyber pros will relate to the…YOUTUBE.COM
5 JunIranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 YearsESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of Kurdish and Iraqi government officials for nearly eight years. First identified in 2017 thro…GBHACKERS.COM
5 JunMisconfigured HMIs Expose US Water Systems to Anyone with a BrowserCensys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet. The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek .SECURITYWEEK.COM
5 JunHome Internet Connected Devices Facilitate Criminal Activitysubmitted by Pro to cybersecurity 1 points | 1 comments https://www.ic3.gov/PSA/2025/PSA250605INFOSEC.PUB
5 JunBladedFeline: Whispering in the darkESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRigWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
5 JunUS offers $10M for tips on state hackers tied to RedLine malwareThe U.S. Department of State has announced a reward of up to $10 million for any information on government-sponsored hackers with ties to the RedLine infostealer malware operation and its suspected creator, Russian national Maxim Alexandrovich Rudometov. [...]BLEEPINGCOMPUTER.COM
5 JunFBI: BADBOX 2.0 Android malware infects millions of consumer devicesThe FBI is warning that the BADBOX 2.0 malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1[−]
5 JunSmashing Security podcast #420: Fake Susies, flawed systems, and fruity fixes for anxietyA bizarre case of political impersonation, where Trump’s top aide Susie Wiles is cloned (digitally, not biologically — we think), and high-ranking Republicans start getting invitations to link up with "her" on Telegram to share their Trump pardon wishlists. Was it a deepfake? Or …GRAHAMCLULEY.COM
📡 INFOSEC NEWS 9[−]
5 JunBe Careful With Fake Zoom Client Downloads, (Thu, Jun 5th)Collaborative tools are really popular these days. Since the COVID-19 pandemic, many people switched to remote work positions and we need to collaborate with our colleagues or customers every day. Tools like Microsoft Teams, Zoom, WebEx, (name your best solution), ... became popu…ISC.SANS.EDU
5 JunDoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global TakedownThe U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash. "The operators of the BidenCash marketplace use the platform to simplify th…THEHACKERNEWS.COM
5 JunAnthropic unveils custom AI models for U.S. national security customersAnthropic says that it has released a new set of AI models tailored for U.S. national security customers. The new models, a custom set of “Claude Gov” models, were “built based on direct feedback from our government customers to address real-world operational ne…TECHCRUNCH.COM
5 JunPopular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded CredentialsCybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks. "Several widely used extensions [...] unintentionally transmit sensitiv…THEHACKERNEWS.COM
5 JunNintendo warns Switch 2 GameChat users: “Your chat is recorded”Temporary local copies can be shared with Nintendo through manual user reporting.ARSTECHNICA.COM
5 JunProxy Services Feast on Ukraine’s IP Address ExodusUkraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of proxy and anonymity servi…KREBSONSECURITY.COM
5 JunChatGPT prepares o3-pro model for $200 Pro subscribersOpenAI is planning to ship an update to ChatGPT that will turn on the new o3 Pro model, which has more compute to think harder. [...]BLEEPINGCOMPUTER.COM
5 JunGoogle’s upcoming Gemini Kingfall is allegedly a coding beastGoogle's AI advancement is not slowing down, and we might be getting yet another powerful model codenamed "Gemini Kingfall." [...]BLEEPINGCOMPUTER.COM
5 JunMailerLite warns of phishing campaignMailerLite has contacted tits customers warning them about a phishing campaign that is trying to steal login details.GRAHAMCLULEY.COM